Papiers Numériques - European cyber security : history of a cultural transformation

In the first half of 2022, France will hold the presidency of the Council of the European Union. An opportunity which, in terms of cyber security, offers the prospect of increasing the momentum started in the last few years. In preparation for this time, certain key words can be heard at ANSSI: ambition, scaling up, cooperation, solidarity, digital sovereignty. Just a decade ago, such intentions didn’t come so naturally. ANSSI’s Papiers numériques look back at an area which, year on year, has become considerably “Europeanised”.

Publish the 08 September 2021 Updated 08 September 2021
Papiers Numériques - European cyber security - cover

“When, at the start of the 2010s, the bodies of the European Union (EU) suggested to the member states a draft European regulation for IT security, many were interested, yet also... cautious.Cautious because, at the time, cyber security and cyber defence were mainly perceived as sovereign affairs, the competence of the states. The idea that external bodies could have the right to be heard on these sovereign subjects therefore seemed counter-intuitive to those with an interest in the domain.

Although issues of national sovereignty remain relevant today, the way in which “cyber” subjects are handled at the EU level has changed considerably. In a decade, exchanges between states and bodies of the Union have been ramped up, resulting in regulations, cooperation groups, recommendations, benchmarks, common stances and large-scale projects. All blocks laid down in just a few years, and now testimony to the inestimable value of European cooperation. Because when it comes to cyber issues, things move at great speed.

To prevent the emergence of a two-speed Europe in terms of security, with varying levels of vulnerability among states, the implementation of protection mechanisms at the EU level was in fact inevitable. All the more so since in cyberspace, “borders” are porous: an attack affecting the information systems of an operator within one State can have a rebound effect and impact the services it provides in other countries. When we talk about IT protection, the interests of the various parties involved often overlap. [...]”

ANSSI’s Papiers numériques continue the story in nine points:

  • Developing national capacity
  • Focus on essential operators
  • Strengthening cooperation
  • From a technical to a strategic level
  • A unifying agency
  • Ensuring trust in the ecosystem
  • Scaling up
  • Preparing the next steps
  • Thinking with solidarity

The publication also includes:

  • An interview with Jean-Yves Le Drian, French Minister for Europe and Foreign Affairs;
  • An interview with Karel Řehka, director of NÚKIB in the Czech Republic;
  • Extracts from interviews with Guillaume Poupard and thirteen ANSSI agents.

“Solidarity can only be implemented if the capacity of states is increased through trusted private service providers”
Anne Tricaud, Head of the International coordination division1

Discover the french version : Papiers numériques – Cybersécurité européenne : histoire d’une mue culturelle